TOTOLINK EX1200T is a Wi-Fi range extender from Chinaβs Gion Electronics (TOTOLINK). A command injection vulnerability exists in TOTOLINK EX1200T version V4.1.2cu.5232_B20210713, which stems from the main method failing to properly filter construct command special characters, commands, and so on. An attacker can exploit this vulnerability to cause arbitrary command execution.